Announcing NetBSD 4.0

Introduction

The NetBSD Project is pleased to announce that release 4.0 of the
NetBSD operating system is now available. NetBSD is a free, secure,
and highly portable Unix-like Open Source operating system
available for many platforms, from 64-bit Opteron machines and
desktop systems to handheld and embedded devices. Its clean design
and advanced features make it excellent in both production and
research environments, and it is user-supported with complete
source. Many applications are easily available through pkgsrc, the
NetBSD Packages Collection.

Major achievements in NetBSD 4.0 include support for version 3 of the
Xen virtual machine monitor, Bluetooth, many new device drivers and
embedded platforms based on ARM, PowerPC and MIPS CPUs.
New network services include iSCSI target (server) code and an implementation
of the Common Address Redundancy Protocol. Also, system security was further
enhanced with restrictions of mprotect(2) to enforce W^X policies,
the Kernel Authorization framework, and improvements of the Veriexec
file integrity subsystem, which can be used to harden the system against
trojan horses and virus attacks. Please read below for a list of changes
in NetBSD 4.0.

NetBSD 4.0 runs on
54
different system architectures featuring 17 machine
architectures across 17 distinct CPU families, and is being ported
to more. The NetBSD 4.0 release contains complete binary releases
for 51 different machine types, with the
platforms amigappc, bebox and ews4800mips released in source form only.
Complete source and binaries for NetBSD 4.0 are available for download
at many sites around the world. A list of download sites providing FTP,
AnonCVS, SUP, and other services is provided at the end of this
announcement; the latest list of available download sites may also be
found at http://www.NetBSD.org/mirrors/.
We encourage users who wish to install via a CD-ROM ISO image to
download via BitTorrent by using the torrent files supplied in
the ISO image area.
A list of hashes for the NetBSD 4.0 distribution has been signed with
the well-connected PGP key for the NetBSD Security Officer:
ftp://ftp.NetBSD.org/pub/NetBSD/security/hashes/NetBSD-4.0_hashes.asc

NetBSD is free. All of the code is under non-restrictive licenses,
and may be used without paying royalties to anyone. Free support
services are available via our mailing lists and website. Commercial
support is available from a variety of sources; some are listed at
http://www.NetBSD.org/gallery/consultants.html.
More extensive information on NetBSD is available from our website:

Dedication

NetBSD 4.0 is dedicated to the memory of Jun-Ichiro "itojun"
Hagino, who died in October 2007. Itojun was a member of the KAME
project, which provided IPv6 and IPsec support; he was also a
member of the NetBSD core team (the technical management for the
project), and one of the Security Officers. Due to Itojun's
efforts, NetBSD was the first open source operating system with a
production ready IPv6 networking stack, which was included in the
base system before many people knew what IPv6 was. We are grateful
to have known and worked with Itojun, and we know that he will be
missed. This release is therefore dedicated, with thanks, to his
memory.

Fundraising

We would like to remind everyone that the Fundraising Campaign
2007 is still underway, but it will soon be over with the end of
the year. With this release, we would like to call all NetBSD
users to send a Christmas present to the project. You can help us
to improve NetBSD even more - donate!

File systems

scan_ffs(8), scan_lfs(8): utilities to find FFSv1/v2 and LFS
partitions to recover lost disklabels on disks and image files.

tmpfs: added a new memory-based file system aimed at replacing
mfs. Contrary to mfs, it is not based on a disk file system, so
it is more efficient both in overall memory consumption and
speed. See mount_tmpfs(8).

Added UDF support for optical media and block devices,
see mount_udf(8). Read-only for now.

NFS export list handling was changed to be filesystem independent.

LFS: lots of stability improvements and new cleaner daemon. It
is now also possible to use LFS as root filesystem.

vnd(4): the vnode disk driver can be used on filesystems such
as smbfs and tmpfs.

macppc: this port has gained
support to use accelerated wsdisplay drivers by default (if possible),
and uses the appropriate driver rather than the Generic Open Firmware
Framebuffer.

prep: this port has been
modernized, and support for five additional machines has been added,
among them the IBM 7024-E20 and 7025-F30 models and Motorola Powerstack
E1. Additionally, sysinst support was added, and the bootloader process
was improved, allowing easy installation and upgrade to future releases.

GCC 4's support for stack smashing protection (SSP) was enabled by
adding libssp, see security(8).

The kernel authorization framework kauth(9) was added,
replacing the traditional BSD credential management and
privileged operation access control with an abstract layer,
allowing the implementation of various security models either as
part of the NetBSD distribution or as third-party LKMs.

NetBSD's kernel authorization is a hybrid clean-room
implementation of a similar interface developed by Apple,
extending its capabilities and combining concepts of
credential inheritance control.

Besides this list, there have also been innumerable bug
fixes and other miscellaneous enhancements of course.

Components removed from NetBSD

In this release of NetBSD, some software components known from
previous releases were removed from the system. In some cases
those were components that are not useful anymore or their utility
does not justify maintenance overhead. Other components were not
working properly and there was lack of interest in fixing them.

Sushi was removed from the base system due to
lack of interest and maintenance. If you really want it, it is
available in the CVS repository at othersrc/usr.sbin/sushi.
However, be warned that it is unmaintained and is most likely
out of date.

Vinum was removed due to lack of interest and
maintenance. At the time of removal, it had several known serious
issues (including not being compilable). RAIDframe provides
similar functionality. If you were using Vinum you will need
to back up your data, delete the Vinum partitions, create
RAIDframe partitions, and restore your data to them. Details
about RAIDframe can be found in raid(4), raidctl(8),
and the NetBSD Guide.

Sendmail was removed. Postfix is the MTA and provides the
sendmail(1) command line tool. Postfix has been included
with NetBSD since NetBSD 1.5 was released in December 2000.
Details about Postfix can be found in the
NetBSD Guide.
For those who need Sendmail, it is available from pkgsrc in the
mail/sendmail and
mail/sendmail813 packages.

NETCCITT and NETNS were removed due to lack of interest and
maintenance. They had known serious issues (including being out of
date with respect to other network code) and there were no
known users at the time of their removal. Unfortunately, there
is no replacement or option for them.

UUCP was removed. The NetBSD improvements were merged
into the pkgsrc version.
For those who use UUCP tools,
they are available from pkgsrc in the
net/uucp package.
The cu(1) command is available as a frontend to
tip(1).

The Fortran 77 compiler (g77)
has been removed with the
transition from GCC 3 to GCC 4, which does not include it. For
those who need it, it is available from pkgsrc in the
lang/gcc3-f77 package.

The evbsh5 port has been removed from NetBSD
due to lack of interest, compounded by a lack of available SH5
hardware.

Acknowledgments

The NetBSD Foundation would like to thank all those who have
contributed code, hardware, documentation, funds, colocation for
our servers, web pages and other documentation, release engineering,
and other resources over the years. More information on the people who
make NetBSD happen is available at:

We would like to especially thank the University of California at
Berkeley and the GNU Project for particularly large subsets of code
that we use. We would also like to thank
the Internet Systems Consortium Inc., the Network Security Lab at
Columbia University's Computer Science Department, and
Ludd (LuleŚ Academic Computer Society) computer society
at LuleŚ University of Technology
for current colocation services.

About the NetBSD Foundation

The NetBSD Foundation was
chartered in 1995, with the task of overseeing core NetBSD project
services, promoting the project within industry and the open
source community, and holding intellectual property rights on much
of the NetBSD code base. Day-to-day operations of the project are
handled by volunteers.

As a non-profit organization with no commercial backing, The NetBSD
Foundation depends on donations from its users, and we would like to ask
you to consider making a donation
to the NetBSD Foundation in support of continuing production of our
fine operating system. Your generous donation would be particularly
welcome assistance with ongoing upgrades and maintenance, as well as
with operating expenses for The NetBSD Foundation.

Donations can be done via PayPal to <paypal@NetBSD.org> and
are fully tax-deductible in the US. If you would prefer not to use PayPal,
or would like to make other arrangements, please contact
<finance-exec@NetBSD.org>.